Feeds

Articles about Malware

Malware

158 new malware created EVERY MINUTE

Malware monitors PandaLabs says 227,747 new malware samples are released every day. The findings from its recent survey found 20 million samples were created in the third quarter of 2014. Three quarters of infections were trojans while only 9 percent were viruses and 4 percent worms. The number of trojans rose 13 percent over …
Darren Pauli, 06 Nov 2014

FBI opens Malware Investigator portal to industry

The Federal Bureau of Investigations has released a formerly in-house malware-analysing portal to help speed up incident responses and help industry and law enforcement with investigations. The G-men hope the Malware Investigator portal can let businesses build responses to new malware without such heavy reverse-engineering …
Darren Pauli, 30 Sep 2014

FACEPALM! HP cert used to sign malware

HP accidentally signed some malware, according to Krebs on Security. Krebs reports that the certificate was “used to cryptographically sign software components that ship with many of its older products”, mostly for PC software, but that back in 2010 it was also used to sign some malware. HP will therefore revoke the certificate …
Simon Sharwood, 12 Oct 2014
apple mac malware vxer

This Apple Mac has malware. How do I mop up?

We all know that Macs don't get PC viruses. But they can and sometimes do get Mac viruses. Hence this terse request from Dewix in El Reg forums. Mother-in-law has managed to get malware on her Mac. Anyone recommend a no fuss AV? Somewhat sparse on the details, Dewix. Reg readers can you help? Recommendations here. Thank- …
Aaron Milne, 16 Jun 2014

jQuery site popped to serve malware slop

The jQuery site served credential-stealing malware to scores of users who visited the website on September 18, researcher James Pleger says. The super-popular JavaScript library was used by 30 percent of websites including 70 percent of the 10,000 most popular sites which may have been compromised by the RIG exploit kit. jQuery …
Darren Pauli, 24 Sep 2014
Hacker baseball cap

Hackers use DRAFT emails as dead-drops for running malware

Sneaky hackers are using Gmail and Yahoo! drafts to control compromised devices, with the tactic designed to make detection of malware-related communications more difficult to pick up in enterprise environments. Attacks occur in two phases. Hackers first infect a targeted machine via simple malware that installs Python onto the …
John Leyden, 06 Nov 2014
Toy Story

Researcher details how malware gives AV the slip

Researcher James Wyke has discovered throw-off tactics used by malware to frustrate investigators. These tactics were part of a suite of impressive methods VXers used to find technical artifacts that could help them distinguish between computers belonging to victims and those used by malware researchers. While malware writers …
Darren Pauli, 26 Aug 2014

IEEE expands malware initiatives

Standards body the IEEE has launched two new anti-malware initiatives designed to help software and security vendors spot malware that's been inserted into other software, and improve the performance of malware detection by cutting down on false positives. The organisation's Anti-Malware Support Service (AMSS) is designed to …
Hacked sarcasm

Backoff malware attacks hit 'more than 1,000 big businesses', warns US government

A Point-of-Sale malware attack that struck shipping outfit UPS has compromised the networks of a "significant" number of major businesses in the US, according to the country's Homeland Security office. The US administration's Computer Emergency Readiness Team (CERT) advised administrators and operators of PoS systems to …
Kelly Fiveash, 23 Aug 2014

Watch this! The changing face of malware

Youtube Video The anti-malware software industry seems to be fighting a losing battle, with Symantec even declaring antivirus "dead". In this online tutorial Darryl MacGregor, principal technologist for information security at IT training biz QA, discusses the best strategies for protecting your information assets in the near …
David Gordon, 21 May 2014

15 MEEELLION malware-infested mobiles worldwide – report

Incidences of malicious software (malware) being identified on mobile devices rose 17% in the first half of this year, according to a new study. A report by French communications giant Alcatel-Lucent estimated that approximately 15 million mobile devices worldwide could be infected with malware. The report said that the mobile …
OUT-LAW.COM, 09 Sep 2014
android malware mobile iphone

Chinese cops cuff teen over Heart App Android malware flap

Chinese authorities have arrested a 19-year-old suspected of unleashing a fast spreading strain of malware that infects Android smartphones. Police told Chinese newspapers including Sina.com that "Li", a 19-year-old software engineering student, was cuffed in Shenzhen on suspicion of creating the Heart App Android malware within …
John Leyden, 12 Aug 2014
apple mac malware vxer

Apple blats WireLurker OS X, iOS malware – but fanbois aren't safe yet

It appears the WireLurker malware threatening Macs, iPads and iPhones has, for now, been partially neutralized. Apple told The Reg it has revoked a previously legit cryptographic certificate the malware was using to sign itself: this certificate tricked iOS devices into trusting and installing WireLurker's malicious apps. Now …
Shaun Nichols, 07 Nov 2014
Orange Credit Card

Home Depot: 56 million bank cards pwned by malware in our tills

Home Depot today admitted 56 million bank cards are at risk after they were used in malware-infected tills. The DIY giant on Thursday revealed that a software nasty infiltrated its PC-powered registers between April and September in the US and Canada. Cards swiped through the compromised machines could be accessed by the malware …
Shaun Nichols, 18 Sep 2014
Bitcoin system would kill mammoth mining pools

Fifteen countries KO'd in malware one-two punch

Someone suspected to be backed by a nation state is attacking embassies of former soviet states with a malware tool that has infiltrated networks across more than 15 countries. Hacked embassies of unnamed former soviet states include those located in: France; Belgium; Ukraine; China; Jordan; Greece; Kazakhstan; Armenia; Poland, …
Darren Pauli, 12 Aug 2014
Azure Index

Microsoft releases free anti-malware for Azure VMs

Free anti-malware software is not hard to find: even reputable vendors offer product at the low, low, price of $0.00 for client devices/ Microsoft is now doing the same for servers – or at least for virtual machines in its Azure cloud with a new offering called (deep breath now) Microsoft Antimalware for Azure Cloud Services and …
Simon Sharwood, 06 Nov 2014
apple mac malware vxer

Google makes malware microscope Mac mod

Google has upgraded its popular VirusTotal analysis tool by adding an Mac OS malware uploader in a bid to better understand increasing attacks against Cupertino's fruity 'puters. The tool has been made available for OS X 10.8 and 10.9. Malware and suspicious URL samples uploaded to VirusTotal are checked against 52 anti-malware …
Darren Pauli, 27 May 2014

Windows Registry-infecting malware has no files, survives reboots

Researchers have detailed a rare form of Windows malware that maintains infection on machines and steals data without installing files. The malware resides in the computer registry only and is therefore not easy to detect. It code reaches machines through a malicious Microsoft Word document before creating a hidden encoded …
Darren Pauli, 04 Aug 2014
Nuclear bomb image

Intruder alert: Cyber thugs are using steganography to slip in malware badness

Common or garden cybercrooks have taken to using steganography – the art of hiding secret information within another image or message file – to run a click-fraud scam. Steganography has long been the stuff of spy trade-craft and cypherpunk novels, but now cybercrooks have made the practice downmarket by applying it to the Lurk …
John Leyden, 08 Aug 2014
Malware

Attackers raid SWISS BANKS with DNS and malware bombs

Attackers suspected of residing in Russia are raiding Swiss bank accounts with a multi-faceted attack that intercepts SMS tokens and changes domain name system settings, researchers have warned. The attacks sported a clever implementation of malware that pointed victim machines to replica phishing bank sites when they attempt to …
Darren Pauli, 23 Jul 2014
bug on keyboard

Researchers warn of resurgent Sefnit malware

A malware infection which drew headlines January has returned and is using new techniques to infect and spread amongst users. Known as Sefnit, the botnet infection was spotted in September of 2013 and triggered alarms earlier this year when researchers warned that millions of systems were likely infected with the malware. …
Shaun Nichols, 29 Apr 2014
bug

Secluded HijackRAT: Monster mobile malware multitool from HELL

Cybercrooks have brewed up a malicious Android app that bundles a raft of banking fraud tricks into a single strain of mobile malware. The Secluded HijackRAT is banking trojan that packs together new and previously unseen tricks, according to net security firm FireEye. The mobile nasty combines private data theft, banking …
John Leyden, 03 Jul 2014
Gold iPhone 5s, in'it?

Reddit users discover iOS malware threat

Users on a mobile phone hacking subreddit are being credited with the discovery of a malware infection targeting iOS users. The r/jailbreak community uncovered the infection while assisting a user who had been noticing unusual activity on his jailbroken iPhone. Known as 'Unflod Baby Panda', the infection targets jailbroken iOS …
Shaun Nichols, 18 Apr 2014
Ben Gurion University professor Yuval Elovici

Israel develops wireless-malware-injection-by-smartmobe tool

It's not the next Daniel Suarez plot; Israeli academics have developed software they say can use your mobile phone to detect electrical impulses, and foist malware to computers physically disconnected from any internet facing network. Ben Gurion University professor Yuval Elovici told The Times of Israel that his team …
Darren Pauli, 12 Jun 2014
Google bouncer

Droid malware cloak outwits Google Bouncer and friends

Google's Bouncer Android defence tool is one of a dozen malware detection platforms that can be flawlessly skirted by malware employing smarter heuristics, researchers have found. Malware kitted out with virtual machine detection functions and clever heuristics could bypass seemingly any detection platform on the market. …
Darren Pauli, 13 May 2014

Tor exit node mashes malware into downloads

A Tor exit node has been found slapping malware onto downloads as users exit the hidden network and enter the public web. Leviathan Security Group researcher Josh Pitts found the operator of the Russia-based node compromising binaries only a month after raising concerns of the possible attack. He created the Backdoor Factory …
Darren Pauli, 27 Oct 2014
Malware

Twitter 'news' spreads faster than Ebola #FakeCures #Malware

Social media has become a conduit for the spread of fake cures and treatments for Ebola. As if that weren't bad enough, confusion about the epidemic is also being harnessed to push malware and other cybercrime scams, security watchers warn. The hoaxes began in the Twittersphere with the spread of false ways to treat Ebola. Late …
John Leyden, 20 Oct 2014
android malware mobile iphone

Malware-as-a-service picks Android apart

Quite possibly the most expensive and capable Android malware the world has yet seen is for sale at $US5000 on underground markets, replete with software-as-a-service support. The iBanking malware has evolved from a simple SMS-stealer to a highly capable application that records audio within the range of a device's microphone, …
Darren Pauli, 22 May 2014
Fail and You

NASDAQ IT security spend: $1bn. Finding mystery malware on its servers: Priceless

NASDAQ servers were infected by malware that exploited two mystery zero-day vulnerabilities, according to a magazine cover story published today. Despite spending a ton of money on computer security, the stock exchange was wide open to attack, we're told. Today's report pulls back the curtain back to reveal a little more about …
Iain Thomson, 17 Jul 2014

Sync'n'steal: Hackers brew Android-targeting Windows malware

Internet Igors have stitched together the first strain of Windows malware that can hop over and infect Android smartphones and tablets. The Droidpak mobile banking trojan exploits syncing between smartphones and Windows PCs to jump from a compromised PC onto an Android device. The Windows Trojan downloads a malicious .APK file …
John Leyden, 27 Jan 2014
bug on keyboard

Manic malware Mayhem spreads through Linux, FreeBSD web servers

Malware dubbed Mayhem is spreading through Linux and FreeBSD web servers, researchers say. The software nasty uses a grab bag of plugins to cause mischief, and infects systems that are not up to date with security patches. Andrej Kovalev, Konstantin Ostrashkevich and Evgeny Sidorov, who work at Russian internet portal Yandex, …
Iain Thomson, 18 Jul 2014

Malware analysts tell crooks to shape up and write decent code

Blackhats beware: reverse engineers are laughing at your buggy advanced persistent threat (APT) malware. You've done pretty well though: your custom payloads were effective at breaking into enterprises and the damage it did was quite devastating. But many were being found and added to anti-malware signatures all too quickly. …
Darren Pauli, 10 Oct 2014
Remy from Ratatouille

Another RAT crawls out of the malware drain

Yet another banking trojan has appeared, using browser hooking to steal data from Internet Explorer, Chrome and Firefox users. Dyreza, or Dyre, is pitched the usual way, via a phishing e-mail (a lesson that's never learned well enough for the approach to fail), and the e-mail contains what purports to be a zipped document that …
android tongue

Malware gets your Android blabbering to HACKERS

Researchers from the Chinese University of Hong Kong have developed bizarre malware that dictates contacts, emails and other sensitive text data in order to steal it. In the novel attack a seemingly innocuous app that required no permissions called a bad guy's phone number and blabbered the stolen data out of the speakers and …
Darren Pauli, 29 Jul 2014

PC-infecting chat demon quotes THE BIBLE to summon malware plague

A new Trojan that distributes itself through Facebook instant messaging and Yahoo! Messenger has claimed hundreds of victims. Computer systems have been infected by the software nasty in the UK, Germany, France, Denmark, Romania, the US and Canada during the past week or so, according to Romanian antivirus firm Bitdefender. …
John Leyden, 27 May 2014

Revealed: Malware that forces weak ATMs to spit out 'ALL THE CASH'

Thieves are sneaking malware dubbed Tyupkin into ATMs to force them to cough millions of dollars, we're told. The crims don't need to use stolen or cloned cards. Instead, fraudsters infect the ATM's on-board PC, and later type a special combination of digits on the PIN keypad to drain the machine of banknotes – that's according …
John Leyden, 08 Oct 2014
Flytrap

Leaked docs reveal power of malware-for-government product 'FinFisher'

A string of documents detailing the operations and effectiveness of the FinFisher suite of surveillance platforms appears to have been leaked. The documents, some dated 4 April this year, detail the anti-virus detection rates of the FinFisher spyware which German based Gamma Group sold to governments and law enforcement agencies …
Darren Pauli, 05 Aug 2014
Ruhr University's malware architecture

How to marry malware to software downloads in an undetectable way (Hint: Please use HTTPS)

Be thankful it's only a proof-of-concept of a hack: German researchers have shown that internet software distribution mechanisms can be turned into virus vectors, without modifying the original code. The Ruhr University boffins – Felix Gröbert, Ahmad-Reza Sadeghi and Marcel Winandy – have developed an on-the-fly mechanism for …

Yes, there is now BITCOIN-MINING MALWARE for Android

Bitcoin mining on low-powered devices these days is a bad idea, to say the least. As cryptocurrency blockchains grow more complex, even high-powered dedicated mining rigs are having trouble effectively mining coins. Your smartphone, therefore, is going to be about as useful for mining Bitcoin as soup ladle is for mining actual …
Shaun Nichols, 25 Apr 2014

Microsoft's anti-malware crusade knackers '4 MILLION' No-IP users

Microsoft has won a court order to gain control of 23 No-IP domains owned by dynamic DNS (DDNS) provider Vitalwerks Internet Solutions. The US software giant claimed the domains were being used by malware developed in the Middle East and Africa. Vitalwerks operates its No-IP DDNS service from Nevada, and there is no suggestion …
Iain Thomson, 01 Jul 2014
Evil Android

Android is a BURNING 'hellstew' of malware, cackles Apple's Cook

Apple CEO Tim Cook took a few minutes of his two-hour keynote at Apple's Worldwide Developers Conference (WWDC) on Monday morning in San Francisco to stick his thumb in Android's eye. "Over 130 million customers who bought an iOS device in the past 12 months were buying their first Apple device," Cook told the 6,000 developers …
Rik Myslewski, 02 Jun 2014
balaclava_thief_burglar

Cisco: Hey, IT depts. You're all malware hosts

Everybody – at least every multinational that Cisco checked out for its 2014 Annual Security Report – is hosting malware of some kind, and there aren't enough security professionals to go around. Along with its Managed Threat Defense service launched this week, Cisco also launched the latest publication (here with registration) …

EXPOSED: Massive mobile malware network used by cops globally

A probe by Citizen Lab at the University of Toronto and computer security firm Kaspersky Lab has uncovered a massive network of mobile malware for all phone types that is sold by an Italian firm to police forces around the world. The malware, dubbed Remote Control System (RCS), was produced by a company called Hacking Team. It …
Iain Thomson, 24 Jun 2014

Zoom out for a view of malware, say boffins

One of the reasons malware gets past corporate defences is that a single HTTP request can look perfectly innocent. However, according to research to be presented at a security conference next week, those requests reveal themselves if the defender takes a “big picture” view. According to research to be presented at the Internet …
An alternative Yahoo! logo, courtesy of a Flickr user

Malware! tainted! ads! infect! thousands! of! Yahoo! users!

Thousands of Yahoo! users have been exposed to malware through malicious advertisements over the past few days, according to research by Dutch security firm Fox-IT. Malware-tainted ads served from ads.yahoo.com were shown to victims in Romania, Great Britain and France, infecting tens of thousands every hour. The first infection …
John Leyden, 06 Jan 2014
The NSA Unchained

NSA installed '50,000 malware sleeper cells' in world computer networks

America's NSA had established an army of "sleeper cells" – malware-infected, remote-controllable computers – on 50,000 networks by the middle of 2012. That's according to the latest leaks from whistleblower Edward Snowden. Dutch newspaper NRC Handelsblad reports that the elite NSA TAO (Tailored Access Operations) hacking squad …
John Leyden, 25 Nov 2013

Flappy Bird's ANIMATED CORPSE may spread malware PLAGUE

Cybercrooks have been quick to latch onto the hype about Flappy Bird's demise by laying a variety of malware-based traps. Counterfeit Flappy Bird Android apps packing malware have been spotted all over the web, with sightings by both Trend Micro and Sophos, among others. Trend warns that counterfeit copies of the mobile game …
John Leyden, 12 Feb 2014

Time to ditch HTTP – govt malware injection kit thrust into spotlight

A new report form the Toronto-based internet watchdog Citizen Lab has shown cases of governments running network injection attacks that can deliver malware via any HTTP web connection. The dossier looks at two hacking tools created by the Italian firm Hacking Team and the German biz FinFisher that use the injection attack vector …
Iain Thomson, 16 Aug 2014
Android 4.1 Jelly Bean

Using Android 4.3? Don't let malware snatch your private login keys

If you're one of the 10.3 per cent of Android users running version 4.3, aka Jelly Bean, your login keys are at risk of theft – thanks to a vulnerability in the operating system's KeyStore software. KeyStore, as the name suggests, stores a user's cryptographic keys, which are used by apps to log into services without the user …
Iain Thomson, 30 Jun 2014
Spying image

Securobods claim Middle East govts' fingerprints all over malware flung at journos

Researchers at Toronto-based Citizen Lab have shot down denials by Syria, Bahrain and the United Arab Emirates regarding attacks against activists, journalists and dissidents, labelling some of the assaults as incompetent. The team gathered tens of thousands of documents and files detailing the malware and social engineering …
Darren Pauli, 31 Jul 2014